Oliver Fink

I have not worked an this web server for nearly six months due to very serious family business. Now I feel it is the time to start over new. Within the next days I will publish an actual version of the Lachmann List. Please stay tuned.

Last month my old MacBook Pro 15″ 2011 was replaced by a brand new MacBook Pro 2016. Here I will list pros and cons and why I am really waiting for a docking station. In summary, I am very happy with my new working device, but Apple could have avoided some annoyances.Continue reading »

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I am continuing and extending the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commandscat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt
and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I am continuing and extending the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commandscat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt
and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I am continuing and extending the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commandscat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt
and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

I am on my journey back from the Barcelona Sales Kick-Off of Check Point. We were presented the new appliances and while sitting at the airport I realize that they are already on the website. These are the new appliances: 3100, 5100 and 5900. The 5900 is really exciting with up to 32 GB RAM and dual hot-swap HDD or SSD. This system seem to fit perfectly between 5800 and 15400.

VSX R77.30 is quite a good implementation with some annoying flaws – but really worth using it. The now announced features for VSX in R80.10 and beyond will make it even a by far more mature OS. I am really looking forward to the first implementations. Stay tuned.

For years Tobias Lachmann posted a list of Check Point hardware, for the last time on July 30th 2015. I am continuing and extending the list for the new appliances. Therefore I need your contribution. If you have an appliance at your fingers please be so kind to issue these commandscat /proc/cpuinfo > lachmann.txt
cat /proc/meminfo >> lachmann.txt
and sent the file lachmann.txt with the appliance type as subject to lachmannlist@fink.sh. I will try to update the list by time.

Have you ever been frustrated that simple scripting is a problem when doing things on your Check Point firewall? There is a reason why compilers and scripting tools are very limited on such devices. The less options a potential attacker finds to do harm with the better.

As far as I remember from different trainings Check Point uses a GCC compiler to build the policies. But this compiler is said to be stripped down to a large extent.

And there exists Python within GAiA. I would not suggest to use this Python on a gateway, but on a management server it could be very useful.

I migrated this server from a physical host at my company to Digital Ocean, Frankfurt/Main. Using this opportunity I added HTTPS with certificates from Let’s Encrypt and forwarded requests for port 80 to port 443.

If you encounter any problems feel free to comment. I will try to apply fixes as soon as possible.